Members

ldctl_oid

LDAP_SERVER_SD_FLAGS_OID, defined as "1.2.840.113556.1.4.801".

ldctl_value

Specifies a BER-encoded sequence of parameters that enables the application to specify various descriptor flags. In the berval structure, set bv_val to a pointer to the sequence that contains the flag data and set bv_len to the length of the sequence. For more information, see the Remarks section.

ldctl_iscritical

Can be TRUE or FALSE depending on whether SD search/modify is critical to the operation.

Remarks

The Security Descriptor control enables the client to pass flags to specify various security descriptor options. The ldctl_value field is set to the following BER-encoded sequence.

Sequence {
Flags INTEGER
}

The ber_printf function is used to create the sequence data. The flags portion contains the descriptor options to include. The following example code shows how to format the sequence data.